CVE-2010-3201

Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the username_ex parameter to the surgeweb program.

Published: Jan 8, 2011
Updated: Apr 13, 2023
CVE: CVE-2010-3201
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
netwin / surgemail	4.2d3-3	4.2d3-3.x
netwin / surgemail	3.6f7	3.6f7.x
netwin / surgemail	1.3d	1.3d.x
netwin / surgemail	1.1a	1.1a.x
netwin / surgemail	3.9g2	3.9g2.x
netwin / surgemail	3.8s	3.8s.x
netwin / surgemail	3.0c2	3.0c2.x
netwin / surgemail	beta_3.9a	beta_3.9a.x
netwin / surgemail	2.2a6	2.2a6.x
netwin / surgemail	1.8e	1.8e.x
netwin / surgemail	3.7b	3.7b.x
netwin / surgemail	3.8d	3.8d.x
netwin / surgemail	3.9a	3.9a.x
netwin / surgemail	1.6e2	1.6e2.x
netwin / surgemail	1.3i	1.3i.x
netwin / surgemail	1.3c	1.3c.x
netwin / surgemail	2.0g2	2.0g2.x
netwin / surgemail	1.3b	1.3b.x
netwin / surgemail	3.8b	3.8b.x
netwin / surgemail	3.7b8	3.7b8.x
netwin / surgemail	3.8i3	3.8i3.x
netwin / surgemail	2.0e	2.0e.x
netwin / surgemail	3.8a	3.8a.x
netwin / surgemail	3.5b3	3.5b3.x
netwin / surgemail	1.1d	1.1d.x
netwin / surgemail	3.8k3	3.8k3.x
netwin / surgemail	1.3l	1.3l.x
netwin / surgemail	3.7b6	3.7b6.x
netwin / surgemail	4.2a3-3	4.2a3-3.x
netwin / surgemail	1.7b3	1.7b3.x
netwin / surgemail	1.8f	1.8f.x
netwin / surgemail	3.9c	3.9c.x
netwin / surgemail	2.1a	2.1a.x
netwin / surgemail	1.5f	1.5f.x
netwin / surgemail	1.6e	1.6e.x
netwin / surgemail	2.0c	2.0c.x
netwin / surgemail	2.2g2	2.2g2.x
netwin / surgemail	3.8f2	3.8f2.x
netwin / surgemail	3.8m	3.8m.x
netwin / surgemail	3.8q	3.8q.x
netwin / surgemail	4.2d2-2	4.2d2-2.x
netwin / surgemail	1.6d	1.6d.x
netwin / surgemail	3.7b3	3.7b3.x
netwin / surgemail	3.8u	3.8u.x
netwin / surgemail	3.8f	3.8f.x
netwin / surgemail	1.4c	1.4c.x
netwin / surgemail	4.0k	4.0k.x
netwin / surgemail	1.3k	1.3k.x
netwin / surgemail	1.3a_rc1	1.3a_rc1.x
netwin / surgemail	1.5d2	1.5d2.x
netwin / surgemail	4.0a	4.0a.x
netwin / surgemail	1.2a	1.2a.x
netwin / surgemail	3.2e	3.2e.x
netwin / surgemail	3.8k4	3.8k4.x
netwin / surgemail	1.6a	1.6a.x
netwin / surgemail	3.8o	3.8o.x
netwin / surgemail	1.5a	1.5a.x
netwin / surgemail	1.3g	1.3g.x
netwin / surgemail	1.5c	1.5c.x
netwin / surgemail	1.0d	1.0d.x
netwin / surgemail	1.3f	1.3f.x
netwin / surgemail	1.3h	1.3h.x
netwin / surgemail	1.1c	1.1c.x
netwin / surgemail	1.2b	1.2b.x
netwin / surgemail	3.9g	3.9g.x
netwin / surgemail	1.5b	1.5b.x
netwin / surgemail	1.4b	1.4b.x
netwin / surgemail	4.0u3	4.0u3.x
netwin / surgemail	1.1b	1.1b.x
netwin / surgemail	1.0c	1.0c.x
netwin / surgemail	2.2c10	2.2c10.x
netwin / surgemail	4.2a2-3	4.2a2-3.x
netwin / surgemail	4.0u4	4.0u4.x
netwin / surgemail	3.6d	3.6d.x
netwin / surgemail	2.2g3	2.2g3.x
netwin / surgemail	1.8d	1.8d.x
netwin / surgemail	-	4.2d4-4.x
netwin / surgemail	1.8b3	1.8b3.x
netwin / surgemail	2.2c9	2.2c9.x
netwin / surgemail	4.2d-1	4.2d-1.x
netwin / surgemail	1.7a	1.7a.x
netwin / surgemail	1.3a	1.3a.x
netwin / surgemail	3.7b7	3.7b7.x
netwin / surgemail	1.4a	1.4a.x
netwin / surgemail	1.8g3	1.8g3.x
netwin / surgemail	3.8i2	3.8i2.x
netwin / surgemail	3.6f5	3.6f5.x
netwin / surgemail	1.8a	1.8a.x
netwin / surgemail	1.9	1.9.x
netwin / surgemail	2.0a2	2.0a2.x
netwin / surgemail	3.8i	3.8i.x
netwin / surgemail	1.3j	1.3j.x
netwin / surgemail	3.7b5	3.7b5.x
netwin / surgemail	3.8k	3.8k.x
netwin / surgemail	4.2a2-2	4.2a2-2.x
netwin / surgemail	4.0v-8	4.0v-8.x
netwin / surgemail	2.1c7	2.1c7.x
netwin / surgemail	3.8f3	3.8f3.x
netwin / surgemail	3.1s	3.1s.x
netwin / surgemail	3.9e	3.9e.x
netwin / surgemail	1.6b	1.6b.x
netwin / surgemail	3.8k2	3.8k2.x
netwin / surgemail	1.3e	1.3e.x
netwin / surgemail	3.5a	3.5a.x
netwin / surgemail	1.9b2	1.9b2.x
netwin / surgemail	3.0a	3.0a.x
netwin / surgemail	1.5d	1.5d.x
netwin / surgemail	3.6f3	3.6f3.x
netwin / surgemail	1.2c	1.2c.x

Vulnerability Database

289,697

CVE-2010-3201